I’ve got a use case that I would imagine would be fairly common, but I can’t seem to be able to figure out a solution for:
I’ve got a field on the user type, we’ll call it “access code”, that is private. This field is used to obtain “personal data” from an external API call, as well as to make changes to data on that API. As a result, this field needs to be private to each user via privacy rules.
However, other users need to be able to view a user’s “personal data”, but only if that user shares it with them. Users should never be able to make changes to another user’s personal data.
As a result, an API workflow needs to run without privacy rules to use a user’s access code to retrieve their personal data and serve it to another user. Unfortunately, the “return Data from API Workflow” action can’t be accessed directly from the app, at least through the “schedule an API workflow” call.
So I wrote an API call to call the app’s own API workflows and return the data. However, I can’t figure out how to make this call authenticated as the current user. I can use an API key from the bubble settings, but this will run as an admin user, which doesn’t allow for restricting access to personal data based on whether it has been shared.
Has anyone used API workflows to retrieve data on behalf of another user before? How can I make this work without exposing access codes or personal data to any malicious and competent user?
Backend workflows don’t work like the Data API. You can choose to only provide the data that you want in the response back. Also, you can consider storing the access token in a different DB type to restrict access to this type of data to only the current user.
Could you elaborate some more on your suggestions? As it stands, I use the return action to only return personal data (obtained using the access token) if the user in question has shared the data with the current user. Is your recommendation for an external database, or just a different database type? Can you elaborate on how that would work?
After another reading of your post, I understand that you are getting data from Bubble to Bubble. I really believe you should create a new database type and put the access token that you want to keep private there.
So the DB type can have only 1 field (Access token, text field).
In User, you will have a field “Access token” that is of the type of the new DB type.
Set the privacy rule to: if current user’s access token contains current item.
You will be able to share the personal data of the user but not the access token, because they are two different types that you can manage using different settings.
So the personal data isn’t static, nor is it stored in bubble. It’s obtained from an API call to an external service using the access token. Basically the core issue is that I need the server (bubble) to handle the token and make the call on behalf of users.
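The server-side broker pattern discussed in this thread (backend holds the access code, checks the share grant, calls the external service on the owner’s behalf, and returns only the fetched personal data), as an added Python illustration that is not Bubble’s implementation or any poster’s code; the token store, share table and external API are constructed stand-ins.

```python
"""Broker pattern: the backend owns each user's access code, verifies a
share grant before acting on behalf of the owner, and hands back only the
personal data. Constructed illustration; not a Bubble API."""

# Hypothetical token store, kept separate from the user record so the
# token is never part of anything returned to a client.
ACCESS_TOKENS = {"alice": "tok-alice-SECRET", "bob": "tok-bob-SECRET"}

# Hypothetical share grants: owner -> set of users allowed to *view* the
# owner's personal data. There is deliberately no "write" grant.
SHARES = {"alice": {"bob"}}

# Stand-in for the external service; a real call would send the token as
# a bearer header from the backend, never from the browser.
_FAKE_EXTERNAL_BACKEND = {
    "tok-alice-SECRET": {"name": "Alice", "plan": "pro"},
    "tok-bob-SECRET": {"name": "Bob", "plan": "free"},
}


def external_fetch_personal_data(token: str) -> dict:
    if token not in _FAKE_EXTERNAL_BACKEND:
        raise PermissionError("external API rejected token")
    return dict(_FAKE_EXTERNAL_BACKEND[token])


class NotShared(Exception):
    """Raised when the requester has no view grant for the owner's data."""


def can_view(requester: str, owner: str) -> bool:
    """Owners always see their own data; others need an explicit grant."""
    return requester == owner or requester in SHARES.get(owner, set())


def get_shared_personal_data(requester: str, owner: str) -> dict:
    """Return owner's personal data to requester only when it was shared.
    The access token is resolved and used here and never leaves this
    function; the caller gets the data only."""
    if not can_view(requester, owner):
        raise NotShared(f"{owner} has not shared data with {requester}")
    token = ACCESS_TOKENS.get(owner)
    if token is None:
        raise NotShared(f"no access token stored for {owner}")
    data = external_fetch_personal_data(token)
    # Defensive check: the token must not leak into the response body.
    assert all(value != token for value in data.values())
    return data
```

The authorization decision happens before the token is even looked up, so a requester without a grant cannot learn whether the owner has a token at all.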